package org.graduation.rbac.service;

import org.graduation.model.common.RBAC.Permissions;
import org.graduation.model.common.RBAC.RBACModelTag;
import org.graduation.model.common.RBAC.Roles;
import org.graduation.model.common.ResponseResult;
import org.graduation.model.common.user.User;

import java.util.Set;

/**
 * 通用的权限服务接口
 */
public interface RBACService {

    /**
     * 为user分配model对应的角色
     *
     * @param user
     * @param model
     * @param role
     * @return
     */
    ResponseResult assignRole(User user, RBACModelTag model, Roles role);

    /**
     * 为user撤销在model对应的角色
     *
     * @param user
     * @param model
     * @param role
     * @return
     */
    ResponseResult revokeRole(User user, RBACModelTag model, Roles role);

    /**
     * 获取用户关于model所有的权限
     *
     * @param user
     * @param model
     * @return
     */
    Set<Permissions> getUserAllPermissions(User user, RBACModelTag model);

    /**
     * user是否有关于model的某项权限
     *
     * @param user
     * @param model
     * @param permissions
     * @return
     */
    Boolean checkPermission(User user, RBACModelTag model, Permissions permissions);
}
